| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #if V8_TARGET_ARCH_X87 | 5 #if V8_TARGET_ARCH_X87 |
| 6 | 6 |
| 7 #include "src/code-factory.h" | 7 #include "src/code-factory.h" |
| 8 #include "src/codegen.h" | 8 #include "src/codegen.h" |
| 9 #include "src/deoptimizer.h" | 9 #include "src/deoptimizer.h" |
| 10 #include "src/full-codegen/full-codegen.h" | 10 #include "src/full-codegen/full-codegen.h" |
| (...skipping 2786 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2797 __ Pop(edi); | 2797 __ Pop(edi); |
| 2798 // Free up some registers. | 2798 // Free up some registers. |
| 2799 // Save edx/edi to stX0/stX1. | 2799 // Save edx/edi to stX0/stX1. |
| 2800 __ push(edx); | 2800 __ push(edx); |
| 2801 __ push(edi); | 2801 __ push(edi); |
| 2802 __ fld_s(MemOperand(esp, 0)); | 2802 __ fld_s(MemOperand(esp, 0)); |
| 2803 __ fld_s(MemOperand(esp, 4)); | 2803 __ fld_s(MemOperand(esp, 4)); |
| 2804 __ lea(esp, Operand(esp, 2 * kFloatSize)); | 2804 __ lea(esp, Operand(esp, 2 * kFloatSize)); |
| 2805 } | 2805 } |
| 2806 | 2806 |
| 2807 Register return_address = edi; | |
| 2808 { | 2807 { |
| 2809 // Calculate the new nargs including the result of the spread. | 2808 // Calculate the new nargs including the result of the spread. |
| 2810 __ mov(spread_len, FieldOperand(spread, FixedArray::kLengthOffset)); | 2809 __ mov(spread_len, FieldOperand(spread, FixedArray::kLengthOffset)); |
| 2811 __ SmiUntag(spread_len); | 2810 __ SmiUntag(spread_len); |
| 2812 | 2811 |
| 2813 __ bind(&push_args); | 2812 __ bind(&push_args); |
| 2814 // argc += spread_len - 1. Subtract 1 for the spread itself. | 2813 // argc += spread_len - 1. Subtract 1 for the spread itself. |
| 2815 __ lea(argc, Operand(argc, spread_len, times_1, -1)); | 2814 __ lea(argc, Operand(argc, spread_len, times_1, -1)); |
| 2816 | |
| 2817 // Pop the return address and spread argument. | |
| 2818 __ PopReturnAddressTo(return_address); | |
| 2819 __ Pop(scratch); | |
| 2820 } | 2815 } |
| 2821 | 2816 |
| 2822 // Check for stack overflow. | 2817 // Check for stack overflow. |
| 2823 { | 2818 { |
| 2824 // Check the stack for overflow. We are not trying to catch interruptions | 2819 // Check the stack for overflow. We are not trying to catch interruptions |
| 2825 // (i.e. debug break and preemption) here, so check the "real stack limit". | 2820 // (i.e. debug break and preemption) here, so check the "real stack limit". |
| 2826 Label done; | 2821 Label done; |
| 2827 __ LoadRoot(scratch, Heap::kRealStackLimitRootIndex); | 2822 __ LoadRoot(scratch, Heap::kRealStackLimitRootIndex); |
| 2828 // Make scratch the space we have left. The stack might already be | 2823 // Make scratch the space we have left. The stack might already be |
| 2829 // overflowed here which will cause scratch to become negative. | 2824 // overflowed here which will cause scratch to become negative. |
| 2830 __ neg(scratch); | 2825 __ neg(scratch); |
| 2831 __ add(scratch, esp); | 2826 __ add(scratch, esp); |
| 2832 __ sar(scratch, kPointerSizeLog2); | 2827 __ sar(scratch, kPointerSizeLog2); |
| 2833 // Check if the arguments will overflow the stack. | 2828 // Check if the arguments will overflow the stack. |
| 2834 __ cmp(scratch, spread_len); | 2829 __ cmp(scratch, spread_len); |
| 2835 __ j(greater, &done, Label::kNear); // Signed comparison. | 2830 __ j(greater, &done, Label::kNear); // Signed comparison. |
| 2836 __ TailCallRuntime(Runtime::kThrowStackOverflow); | 2831 __ TailCallRuntime(Runtime::kThrowStackOverflow); |
| 2837 __ bind(&done); | 2832 __ bind(&done); |
| 2838 } | 2833 } |
| 2839 | 2834 |
| 2840 // Put the evaluated spread onto the stack as additional arguments. | 2835 // Put the evaluated spread onto the stack as additional arguments. |
| 2841 { | 2836 { |
| 2837 Register return_address = edi; |
| 2838 // Pop the return address and spread argument. |
| 2839 __ PopReturnAddressTo(return_address); |
| 2840 __ Pop(scratch); |
| 2841 |
| 2842 Register scratch2 = esi; | 2842 Register scratch2 = esi; |
| 2843 // Save esi to stX0, edx/edi in stX1/stX2 now. | 2843 // Save esi to stX0, edx/edi in stX1/stX2 now. |
| 2844 __ push(esi); | 2844 __ push(esi); |
| 2845 __ fld_s(MemOperand(esp, 0)); | 2845 __ fld_s(MemOperand(esp, 0)); |
| 2846 __ lea(esp, Operand(esp, 1 * kFloatSize)); | 2846 __ lea(esp, Operand(esp, 1 * kFloatSize)); |
| 2847 | 2847 |
| 2848 __ mov(scratch, Immediate(0)); | 2848 __ mov(scratch, Immediate(0)); |
| 2849 Label done, loop; | 2849 Label done, loop; |
| 2850 __ bind(&loop); | 2850 __ bind(&loop); |
| 2851 __ cmp(scratch, spread_len); | 2851 __ cmp(scratch, spread_len); |
| (...skipping 482 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3334 | 3334 |
| 3335 void Builtins::Generate_InterpreterOnStackReplacement(MacroAssembler* masm) { | 3335 void Builtins::Generate_InterpreterOnStackReplacement(MacroAssembler* masm) { |
| 3336 Generate_OnStackReplacementHelper(masm, true); | 3336 Generate_OnStackReplacementHelper(masm, true); |
| 3337 } | 3337 } |
| 3338 | 3338 |
| 3339 #undef __ | 3339 #undef __ |
| 3340 } // namespace internal | 3340 } // namespace internal |
| 3341 } // namespace v8 | 3341 } // namespace v8 |
| 3342 | 3342 |
| 3343 #endif // V8_TARGET_ARCH_X87 | 3343 #endif // V8_TARGET_ARCH_X87 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2681643004:
[builtins] Fix crash on stack overflow in CheckSpreadAndPushToStack. (Closed)
